Presentation is loading. Please wait.

Presentation is loading. Please wait.

Configuration verification: A missing link toward fully verified networks Ratul Mahajan Microsoft Research With: Ari Fogel, Stanley Fung, Ramesh Govindan,

Published byGary Lane Modified over 9 years ago

Similar presentations

Presentation on theme: "Configuration verification: A missing link toward fully verified networks Ratul Mahajan Microsoft Research With: Ari Fogel, Stanley Fung, Ramesh Govindan,"— Presentation transcript:

1 Configuration verification: A missing link toward fully verified networks Ratul Mahajan Microsoft Research With: Ari Fogel, Stanley Fung, Ramesh Govindan, Todd Millstein, Luis Pedrosa, Meg Walraed-Sullivan

2 Networks are unreliable Unreliability is expensive

3 (An old) vision

4 But what does it mean? Hardware Forwarding software Data plane state Router runtime Configuration

5 Why configuration (verification) is hard? Low-level, per-device configuration Multiple routing protocols Redistribution across protocols Access control and isolation n1 n2 n3 C P p1 c1 c2 10.0.0.0/24 2.2.2.0/24 3.3.3.0/24 n4 N

6 Approaches for configuration analysis Data plane state Router runtime Configuration

7 Batfish n1 n2 n3 C P p1 c1 c2 10.0.0.0/24 2.2.2.0/24 3.3.3.0/24 n4 N [A generalized approach to network configuration analysis, NSDI 2015]

8 Demo

9 Results on two university networks PS. Wrt the prefix that was dual-assigned from yesterday, one of my NOC guys stopped by today to ask what voodoo I was using to find such things - Email from the head of the Net1 NOC

10 Implications It is possible to build a declarative model of existing networks – Can aid transition to SDNs – Can capture network management activity across time – Can capture network’s computation and its complexity https://github.com/arifogel/batfish

11 Toward fully verified networks ? Hardware Forwarding software Data plane state Router runtime Configuration Management plane Data plane computation …. Protocol interactions

Download ppt "Configuration verification: A missing link toward fully verified networks Ratul Mahajan Microsoft Research With: Ari Fogel, Stanley Fung, Ramesh Govindan,"

Similar presentations

Routing Routing in an internetwork is the process of directing the transmission of data across two connected networks. Bridges seem to do this function.

Routing Routing in an internetwork is the process of directing the transmission of data across two connected networks. Bridges seem to do this function.
IP Router Architectures. Outline Basic IP Router Functionalities IP Router Architectures.

IP Router Architectures. Outline Basic IP Router Functionalities IP Router Architectures.
Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)

Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)
VeriCon: Towards Verifying Controller Programs in SDNs (PLDI 2014) Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly.

VeriCon: Towards Verifying Controller Programs in SDNs (PLDI 2014) Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly.
Skills: none Concepts: local area network, router, inter network, the TCP/IP layered software “stack”, layer functions, layer protocols, dumb versus smart.

Skills: none Concepts: local area network, router, inter network, the TCP/IP layered software “stack”, layer functions, layer protocols, dumb versus smart.
Skills: none Concepts: layered protocols, the internet layer, IP protocol, router, dumb (“end-to-end,” “neutral”) networks This work is licensed under.

Skills: none Concepts: layered protocols, the internet layer, IP protocol, router, dumb (“end-to-end,” “neutral”) networks This work is licensed under.
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—4-1 Implement an IPv4-Based Redistribution Solution Lab 4-1 Debrief.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—4-1 Implement an IPv4-Based Redistribution Solution Lab 4-1 Debrief.
COS 420 Day 15. Agenda Assignment 3 Due Assignment 4 Posted Chap 16-20 Due April 6 Individual Project Presentations Due IEPREP - Jeff MANETS - Donnie.

COS 420 Day 15. Agenda Assignment 3 Due Assignment 4 Posted Chap Due April 6 Individual Project Presentations Due IEPREP - Jeff MANETS - Donnie.
CSCI 4550/8556 Computer Networks Comer, Chapter 1: Introduction.

CSCI 4550/8556 Computer Networks Comer, Chapter 1: Introduction.
COS 420 Day 18. Agenda Assignment 4 Posted Chap 16-20 Due April 6 Group project program requirements Submitted but Needs lots of work Individual Project.

COS 420 Day 18. Agenda Assignment 4 Posted Chap Due April 6 Group project program requirements Submitted but Needs lots of work Individual Project.
Shadow Configurations: A Network Management Primitive Richard Alimi, Ye Wang, Y. Richard Yang Laboratory of Networked Systems Yale University.

Shadow Configurations: A Network Management Primitive Richard Alimi, Ye Wang, Y. Richard Yang Laboratory of Networked Systems Yale University.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 OSI Network Layer Network Fundamentals – Chapter 5.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 OSI Network Layer Network Fundamentals – Chapter 5.
COS 420 Day 18. Agenda Group Project Discussion Program Requirements Rejected Resubmit by Friday Noon Protocol Definition Due April 12 Assignment 3 Due.

COS 420 Day 18. Agenda Group Project Discussion Program Requirements Rejected Resubmit by Friday Noon Protocol Definition Due April 12 Assignment 3 Due.
Information Security in Real Business Asian Connection and Craig.

Information Security in Real Business Asian Connection and Craig.
CIS 235: Networks Fall, 2007 Western State College Welcome to CIS 235 Computer Networks Fall, 2007 Prof Peterson.

CIS 235: Networks Fall, 2007 Western State College Welcome to CIS 235 Computer Networks Fall, 2007 Prof Peterson.
1 Future Internet Architectures: Toward an Architecture-Agnostic Architecture Jennifer Rexford Princeton University

1 Future Internet Architectures: Toward an Architecture-Agnostic Architecture Jennifer Rexford Princeton University
1 Different Strokes for Different Folks (Or, How I Learned to Stop Worrying and Love Virtualization) Jennifer Rexford, Princeton University Joint work.

1 Different Strokes for Different Folks (Or, How I Learned to Stop Worrying and Love Virtualization) Jennifer Rexford, Princeton University Joint work.
Router modeling using Ptolemy Xuanming Dong and Amit Mahajan May 15, 2002 EE290N.

Router modeling using Ptolemy Xuanming Dong and Amit Mahajan May 15, 2002 EE290N.
Smart Home Current Progress Summary. Main Processor – Stellaris.

Smart Home Current Progress Summary. Main Processor – Stellaris.
CECS 474 Computer Network Interoperability Tracy Bradley Maples, Ph.D. Computer Engineering & Computer Science Cal ifornia State University, Long Beach.

CECS 474 Computer Network Interoperability Tracy Bradley Maples, Ph.D. Computer Engineering & Computer Science Cal ifornia State University, Long Beach.

Similar presentations

Ads by Google